(mysql.info.gz) Application password use
Info Catalog
(mysql.info.gz) Password hashing
(mysql.info.gz) Password hashing
(mysql.info.gz) Password hashing 4
5.5.9.1 Implications of Password Hashing Changes for Application Programs
.........................................................................
An upgrade to MySQL 4.1 can cause a compatibility issue for
applications that use `PASSWORD()' to generate passwords for their own
purposes. Applications really should not do this, because `PASSWORD()'
should be used only to manage passwords for MySQL accounts. But some
applications use `PASSWORD()' for their own purposes anyway.
If you upgrade to 4.1 and run the server under conditions where it
generates long password hashes, an application that uses `PASSWORD()'
for its own passwords will break. The recommended course of action is
to modify the application to use another function, such as `SHA1()' or
`MD5()', to produce hashed values. If that is not possible, you can
use the `OLD_PASSWORD()' function, which is provided to generate short
hashes in the old format. But note that `OLD_PASSWORD()' may one day no
longer be supported.
If the server is running under circumstances where it generates short
hashes, `OLD_PASSWORD()' is available but is equivalent to `PASSWORD()'.
Info Catalog
(mysql.info.gz) Password hashing
(mysql.info.gz) Password hashing
(mysql.info.gz) Password hashing 4
automatically generated byinfo2html